Listing of claims:

1. (Currently amended) A computer-readable medium having computer-executable instructions for protecting network domain data against unauthorized modification in a distributed computer network having a plurality of network domains, comprising:

receiving, at a first computing machine, a request to modify an object associated with a shared data structure, wherein the shared data structure is shared by the plurality of network domains, wherein the first computing machine resides in at least one of the network domains, wherein the object includes a security descriptor identifying an owner network domain of the object in the plurality of domains and having an identification of one or more users;

determining whether the first computing machine resides in the owner network domain by retrieving from the security descriptor the identity of the owner network domain and comparing the owner network domain identity to the network domain within which the first computing machine resides; and

rejecting the request to modify the object when the first computing machine does not reside in the owner network domain.

2. (Currently amended) The computer-readable medium of claim 1, further comprising allowing the request to modify the object when the first computing machine resides in the owner network domain.

3. (Currently amended) The computer-readable medium of claim 1, wherein the shared data structure includes at least one data store that is replicated among each of the plurality of network domains, and wherein the object is contained within the replicated data store.

4. (cancelled)

5. (Currently amended) The computer-readable medium of claim 1, wherein the security descriptor further comprises a field that indicates whether a special security evaluation should be performed on requests to modify the object, and wherein the computer-executable instructions further comprise causing the special security evaluation to be performed when the field indicates that the special security evaluation should be performed.

6. (Currently amended) The computer-readable medium of claim 5, wherein the special security evaluation comprises requesting that a second computing machine within the owner network domain evaluate whether an entity issuing the request to modify the object is authorized to modify the object.

7. (Currently amended) A computer-implemented method for protecting network domain data against unauthorized modification in a distributed computer network having a plurality of network domains, comprising:

receiving, from a requester at a first machine in a first network domain in the plurality of network domains, a request to modify an object, the request including a security token identifying at least one group of which the requester is a member, the object having an associated security descriptor identifying an owner network domain of the object and having an identification of one or more users, the object having a flag to identify whether a special security evaluation is to be performed on requests to modify the object;

determining from the flag whether the special security evaluation is to be performed on the request to modify the object;

performing the special security evaluation on the request to modify the object when the flag indicates in the affirmative, wherein the special security evaluation on the request to modify the object is performed by passing the security token associated with the request and the security descriptor associated with the object to the owner network domain for evaluation; and

allowing the request to modify the object to proceed when the special security evaluation approves the request to modify the object.

8. (cancelled) 

9. (Currently amended) The computer-readable medium of claim 7, further comprising performing a security evaluation on the request to modify the object when the flag indicates in the negative.

10. (original) The computer-readable medium of claim 9, wherein the security 
evaluation comprises, comparing the security token with the security descriptor to determine 
whether the requester is a member of any groups that have been granted permission to access the 
object. 

11. (original) The computer-readable medium of claim 10, wherein the security 
evaluation further comprises determining whether the request to modify the object is a 
modification for which the requester is privileged on the first machine regardless of whether the 
requester is a member of any groups that have been granted permission to access the object. 

12. (Currently amended) The computer-readable medium of claim 11, wherein the security evaluation further comprises denying the request when the requester is privileged to perform the request to modify the object, the requested modification is a fundamental modification of the object, and the first network domain is not the owner network domain of the object.
13. (Currently amended) A computer-readable medium having computer-executable components to protect network domain data against unauthorized modification in a distributed computer network having a plurality of network domains, comprising:

a shared data structure that spans a plurality of domains, at least two network domains in the plurality of network domains having a transitive trust relationship wherein a user authentication within one of the two network domains is honored in the other of the two network domains, the shared data structure having at least one data store that is replicated among each of the plurality of network domains;

an object stored within the data store, the object having a plurality of attributes, at least one of the attributes being related to security access rights associated with the object, the security access rights including an owner network domain identifier identifying one of the domains within the plurality of domains, and having an identification of one or more users; and

a security system configured to receive a request to modify the object, to retrieve from the object the owner network domain identifier, to compare the owner network domain identifier with an identifier of a network domain from which the request originated, and to reject the request to modify the object if the owner network domain identifier does not match the identifier of the network domain from which the request originated.

14. (Currently amended) The computer-readable medium of claim 13, wherein:

the security access rights associated with the object further comprise an indicator that an attempt to access the object is to be evaluated within the network domain identified by the owner network domain; and

the security system is further configured to, prior to performing a security evaluation on a received request to modify the object, determine from the indicator whether the request to modify the object should be evaluated within the network domain identified by the owner network domain, and if so, to return a notification to the requestor that the security evaluation is to be evaluated within the network domain identified by the owner network domain.
15. (Currently amended) The computer-readable medium of claim 14, wherein the notification to the requestor comprises a referral message including an identification of the owner network domain.

16. (Currently amended) The computer-readable medium of claim 13, wherein the security system is further configured to determine whether the request to modify the object originated within a particular network domain of the plurality of network domains, and if so, then to perform a standard security evaluation of the request to modify the object without resort to the owner network domain.

17. (Currently amended) The computer-readable medium of claim 16, wherein the particular network domain is a root network domain of the shared data structure.
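
The decision logic that claims 1, 7 through 12 and 13 through 15 describe, written out as an added example (this is not the patent's own code, and every domain, machine, group and object name in it is constructed for illustration): a security descriptor carries the owner network domain, the permitted groups and the special-evaluation flag; a request carries the requester's security token. When the flag is set and the receiving machine is outside the owner domain, the token and descriptor are passed to a machine in the owner domain (claims 6 and 7), or a referral naming the owner domain is returned if no such path is configured (claims 14 and 15). Otherwise the local standard evaluation applies group membership (claim 10), local privilege (claim 11) and the rule that a privileged requester still may not make a fundamental change from outside the owner domain (claim 12). The names `owner_domain_check`, `standard_evaluation` and `evaluate_request` are this example's own.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Callable, Dict, FrozenSet, Optional

# Added example, not the patent's code; all identifiers below are constructed.

class Decision(Enum):
    ALLOW = "allow"
    DENY = "deny"
    REFER = "refer"          # claims 14-15: requester is told to ask the owner domain

@dataclass(frozen=True)
class SecurityDescriptor:
    owner_domain: str                        # owner network domain of the object
    allowed_groups: FrozenSet[str]           # groups granted modify permission
    evaluate_in_owner_domain: bool = False   # claims 5/7: special-evaluation flag

@dataclass(frozen=True)
class DirectoryObject:
    name: str
    descriptor: SecurityDescriptor

@dataclass(frozen=True)
class SecurityToken:
    requester: str
    groups: FrozenSet[str]          # claim 7: groups of which the requester is a member
    privileged_on: FrozenSet[str]   # machines on which the requester holds modify privilege

@dataclass(frozen=True)
class ModifyRequest:
    token: SecurityToken
    target: DirectoryObject
    fundamental: bool = False       # claim 12: a "fundamental modification" of the object

@dataclass(frozen=True)
class Result:
    decision: Decision
    reason: str
    referral_domain: Optional[str] = None

def owner_domain_check(obj: DirectoryObject, local_domain: str) -> Result:
    """Claims 1 and 13: reject unless the receiving machine is in the owner domain."""
    owner = obj.descriptor.owner_domain
    if owner != local_domain:
        return Result(Decision.DENY, f"received in {local_domain}, owner domain is {owner}")
    return Result(Decision.ALLOW, "received within owner domain")

def standard_evaluation(req: ModifyRequest, local_machine: str, local_domain: str) -> Result:
    """Claims 9-12: token vs. descriptor, local privilege, cross-domain fundamental rule."""
    desc = req.target.descriptor
    privileged = local_machine in req.token.privileged_on
    # Claim 12: privilege on the first machine does not permit a fundamental change
    # to an object whose owner domain is not the domain handling the request.
    if privileged and req.fundamental and local_domain != desc.owner_domain:
        return Result(Decision.DENY, "fundamental modification outside owner domain")
    # Claim 10: group membership in the token against the descriptor's permissions.
    if req.token.groups & desc.allowed_groups:
        return Result(Decision.ALLOW, "token group holds modify permission")
    # Claim 11: privilege on the first machine applies regardless of group membership.
    if privileged:
        return Result(Decision.ALLOW, f"requester is privileged on {local_machine}")
    return Result(Decision.DENY, "no group permission and no local privilege")

OwnerEvaluator = Callable[[SecurityToken, SecurityDescriptor], Result]

def make_owner_domain_evaluator(machine: str, domain: str) -> OwnerEvaluator:
    """Claim 6: a second machine inside the owner domain decides from token and descriptor."""
    def evaluate(token: SecurityToken, desc: SecurityDescriptor) -> Result:
        if token.groups & desc.allowed_groups:
            return Result(Decision.ALLOW, f"approved by {machine} in {domain}")
        return Result(Decision.DENY, f"denied by {machine} in {domain}")
    return evaluate

def evaluate_request(req: ModifyRequest, local_machine: str, local_domain: str,
                     owner_evaluators: Dict[str, OwnerEvaluator]) -> Result:
    """Claims 7-9 and 14-15: consult the flag before any local decision is made."""
    desc = req.target.descriptor
    if not desc.evaluate_in_owner_domain or local_domain == desc.owner_domain:
        return standard_evaluation(req, local_machine, local_domain)   # claim 9
    forward = owner_evaluators.get(desc.owner_domain)
    if forward is None:   # no path to the owner domain: answer with a referral (claims 14-15)
        return Result(Decision.REFER, "must be evaluated by owner domain", desc.owner_domain)
    return forward(req.token, desc)   # claim 7: token and descriptor go to the owner domain

# Constructed sample: forest-wide objects owned by the root domain, requests from a child.
SCHEMA = DirectoryObject("cn=Schema", SecurityDescriptor(
    "corp.example", frozenset({"Schema Admins"}), evaluate_in_owner_domain=True))
CONFIG = DirectoryObject("cn=Configuration", SecurityDescriptor(
    "corp.example", frozenset({"Enterprise Admins"})))
CHILD_ADMIN = SecurityToken("alice", frozenset({"Domain Admins"}),
                            frozenset({"dc2.child.corp.example"}))
SCHEMA_ADMIN = SecurityToken("bob", frozenset({"Schema Admins"}), frozenset())
OWNER_EVALUATORS = {"corp.example": make_owner_domain_evaluator("dc1.corp.example", "corp.example")}

def demo() -> Dict[str, Result]:
    dc, dom = "dc2.child.corp.example", "child.corp.example"
    return {
        "schema_from_child_admin": evaluate_request(ModifyRequest(CHILD_ADMIN, SCHEMA), dc, dom, OWNER_EVALUATORS),
        "schema_from_schema_admin": evaluate_request(ModifyRequest(SCHEMA_ADMIN, SCHEMA), dc, dom, OWNER_EVALUATORS),
        "schema_no_forwarding": evaluate_request(ModifyRequest(CHILD_ADMIN, SCHEMA), dc, dom, {}),
        "config_fundamental": evaluate_request(ModifyRequest(CHILD_ADMIN, CONFIG, fundamental=True), dc, dom, OWNER_EVALUATORS),
        "config_ordinary": evaluate_request(ModifyRequest(CHILD_ADMIN, CONFIG), dc, dom, OWNER_EVALUATORS),
        "plain_owner_check": owner_domain_check(CONFIG, dom),
    }

if __name__ == "__main__":
    for name, r in demo().items():
        print(f"{name:26} {r.decision.value:6} {r.reason}")
```

The point the sample data makes is the one the claims are built around: a child-domain administrator who is privileged on her own domain controller still cannot modify a replicated, root-owned object, either because the owner domain evaluates the request and finds no matching group, or because the fundamental-modification rule denies it locally, while a member of the owner domain's permitted group is approved even when the request arrives in the child domain.
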

18. (original) The computer-readable medium of claim 13, wherein the shared data 
structure comprises a directory service and wherein the at least one data store comprises 
configuration data associated with the directory service. 

19. (original) The computer-readable medium of claim 13, wherein the shared data 
structure comprises a directory service and wherein the at least one data store comprises schema 
data associated with the directory service. 

20. (Currently amended) The computer-readable medium of claim 13, wherein the at 
least one attribute comprises a security descriptor and permissions associated with the one or 
more users, and the owner network domain identifier is part of an owner security identifier. 

21. (previously presented) The computer-readable medium of claim 1, wherein the 
security descriptor includes permissions associated with the one or more users. 
22. (previously presented) The computer-readable medium of claim 7, wherein the 
security descriptor includes permissions associated with the one or more users. 